Thu Mar 17 19:46:28 UTC 202220220317194628_15.0

patches/packages/bind-9.18.1-x86_64-1_slack15.0.txz: Upgraded. This update fixes bugs and the following security issues: An assertion could occur in resume_dslookup() if the fetch had been shut down earlier. Lookups involving a DNAME could trigger an INSIST when "synth-from-dnssec" was enabled. A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer() to be called recursively, which in turn left TCP connections hanging in the CLOSE_WAIT state blocking indefinitely when out-of-order processing was disabled. The rules for acceptance of records into the cache have been tightened to prevent the possibility of poisoning if forwarders send records outside the configured bailiwick. For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0667 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0635 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220 (* Security fix *) patches/packages/bluez-5.64-x86_64-1_slack15.0.txz: Upgraded. This is a bugfix release: Fix issue with handling A2DP discover procedure. Fix issue with media endpoint replies and SetConfiguration. Fix issue with HoG queuing events before report map is read. Fix issue with HoG and read order of GATT attributes. Fix issue with HoG and not using UHID_CREATE2 interface. Fix issue with failed scanning for 5 minutes after reboot. patches/packages/openssl-1.1.1n-x86_64-1_slack15.0.txz: Upgraded. This update fixes a high severity security issue: The BN_mod_sqrt() function, which computes a modular square root, contains a bug that can cause it to loop forever for non-prime moduli. For more information, see: https://www.openssl.org/news/secadv/20220315.txt https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778 (* Security fix *) patches/packages/openssl-solibs-1.1.1n-x86_64-1_slack15.0.txz: Upgraded. patches/packages/qt5-5.15.3_20220312_33a3f16f-x86_64-1_slack15.0.txz: Upgraded. Thanks to Heinz Wiesinger for updating the fetch_sources.sh script to make sure that the QtWebEngine version matches the rest of Qt, which got the latest git pull compiling again. If a 32-bit userspace is detected, then: export QTWEBENGINE_CHROMIUM_FLAGS="--disable-seccomp-filter-sandbox" This works around crashes occuring with 32-bit QtWebEngine applications. Thanks to alienBOB.
author: Patrick J Volkerding <volkerdi@slackware.com> 2022-03-17 19:46:28 +0000
committer: Eric Hameleers <alien@slackware.com> 2022-03-18 13:29:58 +0100
commit: fcc29dbb4067b730b772bc4a050bd066c0a0c9cf (patch)
tree: fe50e1ce0a222feac046ed805d54e42e7dba3c77 /ChangeLog.rss
parent: 44c9fcd8776c083b8de52d292b23aca6b99a59d4 (diff)
download: current-fcc29dbb4067b730b772bc4a050bd066c0a0c9cf.tar.gz
current-fcc29dbb4067b730b772bc4a050bd066c0a0c9cf.tar.xz
1 files changed, 56 insertions, 2 deletions
diff --git a/ChangeLog.rss b/ChangeLog.rss
index 25a1de13e..672a0e635 100644
--- a/ChangeLog.rss
+++ b/ChangeLog.rss
@@ -11,10 +11,64 @@
       <description>Tracking Slackware development in git.</description>
       <language>en-us</language>
       <id xmlns="http://www.w3.org/2005/Atom">urn:uuid:c964f45e-6732-11e8-bbe5-107b4450212f</id>
-      <pubDate>Tue, 15 Mar 2022 00:13:59 GMT</pubDate>
-      <lastBuildDate>Tue, 15 Mar 2022 12:29:50 GMT</lastBuildDate>
+      <pubDate>Thu, 17 Mar 2022 19:46:28 GMT</pubDate>
+      <lastBuildDate>Fri, 18 Mar 2022 12:29:48 GMT</lastBuildDate>
       <generator>maintain_current_git.sh v 1.17</generator>
       <item>
+         <title>Thu, 17 Mar 2022 19:46:28 GMT</title>
+         <pubDate>Thu, 17 Mar 2022 19:46:28 GMT</pubDate>
+         <link>https://git.slackware.nl/current/tag/?h=20220317194628</link>
+         <guid isPermaLink="false">20220317194628</guid>
+         <description>
+           <![CDATA[<pre>
+patches/packages/bind-9.18.1-x86_64-1_slack15.0.txz:  Upgraded.
+  This update fixes bugs and the following security issues:
+  An assertion could occur in resume_dslookup() if the fetch had been shut
+  down earlier.
+  Lookups involving a DNAME could trigger an INSIST when "synth-from-dnssec"
+  was enabled.
+  A synchronous call to closehandle_cb() caused isc__nm_process_sock_buffer()
+  to be called recursively, which in turn left TCP connections hanging in the
+  CLOSE_WAIT state blocking indefinitely when out-of-order processing was
+  disabled.
+  The rules for acceptance of records into the cache have been tightened to
+  prevent the possibility of poisoning if forwarders send records outside
+  the configured bailiwick.
+  For more information, see:
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0667
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0635
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0396
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-25220
+  (* Security fix *)
+patches/packages/bluez-5.64-x86_64-1_slack15.0.txz:  Upgraded.
+  This is a bugfix release:
+  Fix issue with handling A2DP discover procedure.
+  Fix issue with media endpoint replies and SetConfiguration.
+  Fix issue with HoG queuing events before report map is read.
+  Fix issue with HoG and read order of GATT attributes.
+  Fix issue with HoG and not using UHID_CREATE2 interface.
+  Fix issue with failed scanning for 5 minutes after reboot.
+patches/packages/openssl-1.1.1n-x86_64-1_slack15.0.txz:  Upgraded.
+  This update fixes a high severity security issue:
+  The BN_mod_sqrt() function, which computes a modular square root, contains
+  a bug that can cause it to loop forever for non-prime moduli.
+  For more information, see:
+    https://www.openssl.org/news/secadv/20220315.txt
+    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2022-0778
+  (* Security fix *)
+patches/packages/openssl-solibs-1.1.1n-x86_64-1_slack15.0.txz:  Upgraded.
+patches/packages/qt5-5.15.3_20220312_33a3f16f-x86_64-1_slack15.0.txz:  Upgraded.
+  Thanks to Heinz Wiesinger for updating the fetch_sources.sh script to make
+  sure that the QtWebEngine version matches the rest of Qt, which got the
+  latest git pull compiling again.
+  If a 32-bit userspace is detected, then:
+  export QTWEBENGINE_CHROMIUM_FLAGS="--disable-seccomp-filter-sandbox"
+  This works around crashes occuring with 32-bit QtWebEngine applications.
+  Thanks to alienBOB.
+           </pre>]]>
+         </description>
+      </item>
+      <item>
          <title>Tue, 15 Mar 2022 00:13:59 GMT</title>
          <pubDate>Tue, 15 Mar 2022 00:13:59 GMT</pubDate>
          <link>https://git.slackware.nl/current/tag/?h=20220315001359</link>
author	Patrick J Volkerding <volkerdi@slackware.com>	2022-03-17 19:46:28 +0000
committer	Eric Hameleers <alien@slackware.com>	2022-03-18 13:29:58 +0100
commit	fcc29dbb4067b730b772bc4a050bd066c0a0c9cf (patch)
tree	fe50e1ce0a222feac046ed805d54e42e7dba3c77 /ChangeLog.rss
parent	44c9fcd8776c083b8de52d292b23aca6b99a59d4 (diff)
download	current-fcc29dbb4067b730b772bc4a050bd066c0a0c9cf.tar.gz current-fcc29dbb4067b730b772bc4a050bd066c0a0c9cf.tar.xz